For advanced use only, key-value pairs (one on each line) to be inserted into a role's environment. Applies to configurations of this
role except client configuration.

CATALOGSERVER_role_env_safety_valve

false

Catalog Server Core Dump Directory

Directory where the Catalog Server core dump is placed.

core_dump_dir

/var/log/catalogd

core_dump_dir

false

Catalog Server Hive Metastore Connection Timeout

Timeout for requests to the Hive Metastore Server from Catalog Server. Consider increasing this if you have tables with a lot of
metadata and see timeout errors.

hive.metastore.client.socket.timeout

1 hour(s)

hive_metastore_timeout

false

Load Catalog in Background

If true, loads catalog metadata in the background. If false, metadata is loaded lazily (on access). Only effective in CDH 5 and Impala
1.2.4 and higher.

load_catalog_in_background

true

load_catalog_in_background

false

Heap Dump Directory

Path to directory where heap dumps are generated when java.lang.OutOfMemoryError error is thrown. This directory is automatically
created if it does not exist. If this directory already exists, role user must have write access to this directory. If this directory is shared among multiple roles, it should have 1777 permissions.
The heap dump files are created with 600 permissions and are owned by the role user. The amount of free space in this directory should be greater than the maximum Java Process heap size configured
for this role.

oom_heap_dump_dir

/tmp

oom_heap_dump_dir

false

Dump Heap When Out of Memory

When set, generates heap dump file when java.lang.OutOfMemoryError is thrown.

false

oom_heap_dump_enabled

true

Kill When Out of Memory

When set, a SIGKILL signal is sent to the role process when java.lang.OutOfMemoryError is thrown.

true

oom_sigkill_enabled

true

Automatically Restart Process

When set, this role's process is automatically (and transparently) restarted in the event of an unexpected failure.

true

process_auto_restart

true

Logs

Display Name

Description

Related Name

Default Value

API Name

Required

Catalog Server Log Directory

Directory where Catalog Server will place its log files.

log_dir

/var/log/catalogd

log_dir

false

Impala Catalog Server Logging Threshold

The minimum log level for Impala Catalog Server logs

INFO

log_threshold

false

Catalog Server Verbose Log Level

Verbose logging level for the GLog logger. These messages are always logged at 'INFO' log level, so this setting has no effect if
Logging Threshold is set to 'WARN' or above.

The number of log files that are kept for each severity level before all older log files are removed. The number has to be greater
than 1 to keep at least the current log file open. If set to 0, all log files are retained and log rotation is effectively disabled.

max_log_files

10

max_log_files

false

Impala Catalog Server Max Log Size

The maximum size, in megabytes, per log file for Impala Catalog Server logs. Typically used by log4j or logback.

200 MiB

max_log_size

false

Monitoring

Display Name

Description

Related Name

Default Value

API Name

Required

Catalog Server Connectivity Health Test

Enables the health test that verifies the Catalog Server is connected to the StateStore

true

catalogserver_connectivity_health_enabled

false

Catalog Server Connectivity Tolerance at Startup

The amount of time to wait for the Catalog Server to fully start up and connect to the StateStore before enforcing the connectivity
check.

3 minute(s)

catalogserver_connectivity_tolerance

false

File Descriptor Monitoring Thresholds

The health test thresholds of the number of file descriptors used. Specified as a percentage of file descriptor limit.

Enables the health test that the Impala Catalog Server's process state is consistent with the role configuration

true

catalogserver_scm_health_enabled

false

Health Check Startup Tolerance

The amount of time allowed after this role is started that failures of health checks that rely on communication with this role will
be tolerated.

5 minute(s)

catalogserver_startup_tolerance

false

Web Metric Collection

Enables the health test that the Cloudera Manager Agent can successfully contact and gather metrics from the web server.

true

catalogserver_web_metric_collection_enabled

false

Web Metric Collection Duration

The health test thresholds on the duration of the metrics request to the web server.

Warning: 10 second(s), Critical: Never

catalogserver_web_metric_collection_thresholds

false

Enable Health Alerts for this Role

When set, Cloudera Manager will send alerts when the health of this role reaches the threshold specified by the EventServer setting
eventserver_health_events_alert_threshold

true

enable_alerts

false

Enable Configuration Change Alerts

When set, Cloudera Manager will send alerts when this entity's configuration changes.

false

enable_config_alerts

false

Heap Dump Directory Free Space Monitoring Absolute Thresholds

The health test thresholds for monitoring of free space on the filesystem that contains this role's heap dump directory.

Warning: 10 GiB, Critical: 5 GiB

heap_dump_directory_free_space_absolute_thresholds

false

Heap Dump Directory Free Space Monitoring Percentage Thresholds

The health test thresholds for monitoring of free space on the filesystem that contains this role's heap dump directory. Specified as
a percentage of the capacity on that filesystem. This setting is not used if a Heap Dump Directory Free Space Monitoring Absolute Thresholds setting is configured.

Warning: Never, Critical: Never

heap_dump_directory_free_space_percentage_thresholds

false

Log Directory Free Space Monitoring Absolute Thresholds

The health test thresholds for monitoring of free space on the filesystem that contains this role's log directory.

Warning: 10 GiB, Critical: 5 GiB

log_directory_free_space_absolute_thresholds

false

Log Directory Free Space Monitoring Percentage Thresholds

The health test thresholds for monitoring of free space on the filesystem that contains this role's log directory. Specified as a
percentage of the capacity on that filesystem. This setting is not used if a Log Directory Free Space Monitoring Absolute Thresholds setting is configured.

Warning: Never, Critical: Never

log_directory_free_space_percentage_thresholds

false

Resident Set Size Thresholds

The health test thresholds on the resident size of the process.

Warning: Never, Critical: Never

process_resident_set_size_thresholds

false

Process Swap Memory Thresholds

The health test thresholds on the swap memory usage of the process.

Warning: Any, Critical: Never

process_swap_memory_thresholds

false

Role Triggers

The configured triggers for this role. This is a JSON formatted list of triggers. These triggers are evaluated as part as the health
system. Every trigger expression is parsed, and if the trigger condition is met, the list of actions provided in the trigger expression is executed. Each trigger has the following fields:

triggerName(mandatory) - The name of the trigger. This value must be unique for the specific role.

streamThreshold(optional) - The maximum number of streams that can satisfy a condition of a trigger before the condition
fires. By default set to 0, and any stream returned causes the condition to fire.

enabled(optional) - By default set to 'true'. If set to 'false', the trigger is not evaluated.

expressionEditorConfig(optional) - Metadata for the trigger editor. If present, the trigger should only be edited from the
Edit Trigger page; editing the trigger here can lead to inconsistencies.

For example, the following JSON formatted trigger configured for a DataNode fires if the DataNode has more than 1500 file descriptors opened:[{"triggerName": "sample-trigger",
"triggerExpression": "IF (SELECT fd_open WHERE roleName=$ROLENAME and last(fd_open) > 1500) DO health:bad", "streamThreshold": 0, "enabled": "true"}]See the trigger rules documentation for
more details on how to write triggers using tsquery.The JSON format is evolving and may change and, as a result, backward compatibility is not guaranteed between releases.

[]

role_triggers

true

Unexpected Exits Thresholds

The health test thresholds for unexpected exits encountered within a recent period specified by the unexpected_exits_window
configuration for the role.

Number of CPU shares to assign to this role. The greater the number of shares, the larger the share of the host's CPUs that will be
given to this role when the host experiences CPU contention. Must be between 2 and 262144. Defaults to 1024 for processes not managed by Cloudera Manager.

cpu.shares

1024

rm_cpu_shares

true

Cgroup I/O Weight

Weight for the read I/O requests issued by this role. The greater the weight, the higher the priority of the requests when the host
experiences I/O contention. Must be between 100 and 1000. Defaults to 1000 for processes not managed by Cloudera Manager.

blkio.weight

500

rm_io_weight

true

Cgroup Memory Hard Limit

Hard memory limit to assign to this role, enforced by the Linux kernel. When the limit is reached, the kernel will reclaim pages
charged to the process. If reclaiming fails, the kernel may kill the process. Both anonymous as well as page cache pages contribute to the limit. Use a value of -1 B to specify no limit. By default
processes not managed by Cloudera Manager will have no limit.

memory.limit_in_bytes

-1 MiB

rm_memory_hard_limit

true

Cgroup Memory Soft Limit

Soft memory limit to assign to this role, enforced by the Linux kernel. When the limit is reached, the kernel will reclaim pages
charged to the process if and only if the host is facing memory pressure. If reclaiming fails, the kernel may kill the process. Both anonymous as well as page cache pages contribute to the limit. Use
a value of -1 B to specify no limit. By default processes not managed by Cloudera Manager will have no limit.

memory.soft_limit_in_bytes

-1 MiB

rm_memory_soft_limit

true

Security

Display Name

Description

Related Name

Default Value

API Name

Required

Catalog Server Webserver TLS/SSL Server Certificate File (PEM Format)

The path to the TLS/SSL file containing the server certificate key used for TLS/SSL. Used when Catalog Server Webserver is acting as
a TLS/SSL server. The certificate file must be in PEM format.

webserver_certificate_file

webserver_certificate_file

false

Catalog Server Web Server User Password

Password for Catalog Server web server authentication.

webserver_htpassword_password

webserver_htpassword_password

false

Catalog Server Web Server Username

Username for Catalog Server web server authentication.

webserver_htpassword_user

webserver_htpassword_user

false

Catalog Server Webserver TLS/SSL Server Private Key File (PEM Format)

The path to the TLS/SSL file containing the private key used for TLS/SSL. Used when Catalog Server Webserver is acting as a TLS/SSL
server. The certificate file must be in PEM format.

webserver_private_key_file

webserver_private_key_file

false

Catalog Server Webserver TLS/SSL Private Key Password

The password for the private key in the Catalog Server Webserver TLS/SSL Server Certificate and Private Key file. If left blank, the
private key is not protected by a password.

webserver_private_key_password_cmd

webserver_private_key_password_cmd

false

Stacks Collection

Display Name

Description

Related Name

Default Value

API Name

Required

Stacks Collection Data Retention

The amount of stacks data that is retained. After the retention limit is reached, the oldest data is deleted.

stacks_collection_data_retention

100 MiB

stacks_collection_data_retention

false

Stacks Collection Directory

The directory in which stacks logs are placed. If not set, stacks are logged into a stacks
subdirectory of the role's log directory.

stacks_collection_directory

stacks_collection_directory

false

Stacks Collection Enabled

Whether or not periodic stacks collection is enabled.

stacks_collection_enabled

false

stacks_collection_enabled

true

Stacks Collection Frequency

The frequency with which stacks are collected.

stacks_collection_frequency

5.0 second(s)

stacks_collection_frequency

false

Stacks Collection Method

The method used to collect stacks. The jstack option involves periodically running the jstack command against the role's daemon
process. The servlet method is available for those roles that have an HTTP server endpoint exposing the current stacks traces of all threads. When the servlet method is selected, that HTTP endpoint
is periodically scraped.

Whether to suppress the results of the StateStore Connectivity heath test. The results of suppressed health tests are ignored when
computing the overall health of the associated host, role or service, so suppressed health tests will not generate alerts.

false

role_health_suppression_catalogserver_connectivity

true

Suppress Health Test: File Descriptors

Whether to suppress the results of the File Descriptors heath test. The results of suppressed health tests are ignored when
computing the overall health of the associated host, role or service, so suppressed health tests will not generate alerts.

false

role_health_suppression_catalogserver_file_descriptor

true

Suppress Health Test: Heap Dump Directory Free Space

Whether to suppress the results of the Heap Dump Directory Free Space heath test. The results of suppressed health tests are ignored
when computing the overall health of the associated host, role or service, so suppressed health tests will not generate alerts.

false

role_health_suppression_catalogserver_heap_dump_directory_free_space

true

Suppress Health Test: Host Health

Whether to suppress the results of the Host Health heath test. The results of suppressed health tests are ignored when computing the
overall health of the associated host, role or service, so suppressed health tests will not generate alerts.

false

role_health_suppression_catalogserver_host_health

true

Suppress Health Test: Log Directory Free Space

Whether to suppress the results of the Log Directory Free Space heath test. The results of suppressed health tests are ignored when
computing the overall health of the associated host, role or service, so suppressed health tests will not generate alerts.

false

role_health_suppression_catalogserver_log_directory_free_space

true

Suppress Health Test: Resident Set Size

Whether to suppress the results of the Resident Set Size heath test. The results of suppressed health tests are ignored when
computing the overall health of the associated host, role or service, so suppressed health tests will not generate alerts.

false

role_health_suppression_catalogserver_memory_rss_health

true

Suppress Health Test: Process Status

Whether to suppress the results of the Process Status heath test. The results of suppressed health tests are ignored when computing
the overall health of the associated host, role or service, so suppressed health tests will not generate alerts.

false

role_health_suppression_catalogserver_scm_health

true

Suppress Health Test: Swap Memory Usage

Whether to suppress the results of the Swap Memory Usage heath test. The results of suppressed health tests are ignored when
computing the overall health of the associated host, role or service, so suppressed health tests will not generate alerts.

false

role_health_suppression_catalogserver_swap_memory_usage

true

Suppress Health Test: Unexpected Exits

Whether to suppress the results of the Unexpected Exits heath test. The results of suppressed health tests are ignored when
computing the overall health of the associated host, role or service, so suppressed health tests will not generate alerts.

false

role_health_suppression_catalogserver_unexpected_exits

true

Suppress Health Test: Web Server Status

Whether to suppress the results of the Web Server Status heath test. The results of suppressed health tests are ignored when
computing the overall health of the associated host, role or service, so suppressed health tests will not generate alerts.

false

role_health_suppression_catalogserver_web_metric_collection

true

impaladaemon

Advanced

Display Name

Description

Related Name

Default Value

API Name

Required

Abort on Config Error

Abort Impala startup if there are improper configs or running on unsupported hardware.

abort_on_config_error

true

abort_on_config_error

false

Impala Daemon Core Dump Directory

Directory where an Impala Daemon core dump is placed.

core_dump_dir

/var/log/impalad

core_dump_dir

false

Impala Daemon Hive Metastore Connection Timeout

Timeout for requests to the Hive Metastore Server from Impala. Consider increasing this if you have tables with a lot of metadata
and see timeout errors.

hive.metastore.client.socket.timeout

1 hour(s)

hive_metastore_timeout

false

Impala Daemon HDFS Advanced Configuration Snippet (Safety Valve)

For advanced use only, a string to be inserted into hdfs-site.xml for this role only.

impala_hdfs_site_conf_safety_valve

false

Impala Daemon Hive Advanced Configuration Snippet (Safety Valve)

For advanced use only, a string to be inserted into hive-site.xml for this role only.

An XML string to use verbatim for the contents of fair-scheduler.xml for Impala Daemons. This configuration only has effect on
Impala versions 1.3 or greater.

impalad_fair_scheduler_safety_valve

false

Impala Daemon HBase Advanced Configuration Snippet (Safety Valve)

For advanced use only, a string to be inserted into hbase-site.xml for this role only.

impalad_hbase_conf_safety_valve

false

Result Cache Maximum Size

Maximum number of query results a client may request to be cached on a per-query basis to support restarting fetches. This option
guards against unreasonably large result caches requested by clients. Requests exceeding this maximum will be rejected.

For advanced use only, key-value pairs (one on each line) to be inserted into a role's environment. Applies to configurations of
this role except client configuration.

IMPALAD_role_env_safety_valve

false

Llama Maximum Request Attempts

Maximum number of times a request to reserve, expand, or release resources is attempted until the request is cancelled.

llama_max_request_attempts

5

llama_max_request_attempts

false

Llama Registration Timeout Seconds

Maximum number of seconds that Impala attempts to register or re-register with Llama. If registration is unsuccessful, Impala
cancels the action with an error, which could result in an impalad startup failure or a cancelled query. A setting of -1 seconds means try indefinitely.

llama_registration_timeout_secs

30 second(s)

llama_registration_timeout_secs

false

Llama Registration Wait Seconds

Number of seconds to wait between attempts during Llama registration.

llama_registration_wait_secs

3 second(s)

llama_registration_wait_secs

false

Impala Daemon Logging Advanced Configuration Snippet (Safety Valve)

For advanced use only, a string to be inserted into log4j.properties for this role only.

log4j_safety_valve

false

Automatically Restart Process

When set, this role's process is automatically (and transparently) restarted in the event of an unexpected failure.

true

process_auto_restart

true

Logs

Display Name

Description

Related Name

Default Value

API Name

Required

Impala Daemon Audit Log Directory

The directory in which Impala daemon audit event log files are written. If "Impala Audit Event Generation" property is enabled,
Impala will generate its audit logs in this directory.

The maximum size (in queries) of the Impala Daemon audit event log file before a new one is created.

max_audit_event_log_file_size

5000 line(s)

max_audit_event_log_file_size

false

Impala Daemon Maximum Lineage Log File Size

The maximum size (in entries) of the Impala daemon lineage log file before a new one is created.

max_lineage_log_file_size

5000 line(s)

max_lineage_log_file_size

false

Impala Maximum Log Files

The number of log files that are kept for each severity level before all older log files are removed. The number has to be greater
than 1 to keep at least the current log file open. If set to 0, all log files are retained and log rotation is effectively disabled.

max_log_files

10

max_log_files

false

Impala Daemon Max Log Size

The maximum size, in megabytes, per log file for Impala Daemon logs. Typically used by log4j or logback.

200 MiB

max_log_size

false

Monitoring

Display Name

Description

Related Name

Default Value

API Name

Required

Enable Health Alerts for this Role

When set, Cloudera Manager will send alerts when the health of this role reaches the threshold specified by the EventServer setting
eventserver_health_events_alert_threshold

true

enable_alerts

false

Enable Configuration Change Alerts

When set, Cloudera Manager will send alerts when this entity's configuration changes.

false

enable_config_alerts

false

Query Monitoring Timeout

The timeout used by the Cloudera Manager Agent's query monitor when communicating with the Impala Daemon web server, specified in
seconds.

5.0 second(s)

executing_queries_timeout_seconds

false

Heap Dump Directory Free Space Monitoring Absolute Thresholds

The health test thresholds for monitoring of free space on the filesystem that contains this role's heap dump directory.

Warning: 10 GiB, Critical: 5 GiB

heap_dump_directory_free_space_absolute_thresholds

false

Heap Dump Directory Free Space Monitoring Percentage Thresholds

The health test thresholds for monitoring of free space on the filesystem that contains this role's heap dump directory. Specified
as a percentage of the capacity on that filesystem. This setting is not used if a Heap Dump Directory Free Space Monitoring Absolute Thresholds setting is configured.

Warning: Never, Critical: Never

heap_dump_directory_free_space_percentage_thresholds

false

Query Monitoring Failures Thresholds

The health test thresholds for failures encountered when monitoring queries within a recent period specified by the
impala_query_monitoring_failure_window configuration for the role.

Warning: Never, Critical: Any

impala_query_monitoring_failure_thresholds

false

Monitoring Period For Query Monitoring Failures

The period to review when computing query monitoring failures.

5 minute(s)

impala_query_monitoring_failure_window

false

Impala Daemon Query Collection Status Health Check

Enables the health check that determines if query collection for the Impala Daemon is successful.

true

impala_query_monitoring_status_check_enabled

false

Impala Daemon Connectivity Health Test

Enables the health test that verifies the Impala Daemon is connected to the StateStore.

true

impalad_connectivity_health_enabled

false

Impala Daemon Connectivity Tolerance at Startup

The amount of time to wait for the Impala Daemon to fully start up and connect to the StateStore before enforcing the connectivity
check.

3 minute(s)

impalad_connectivity_tolerance

false

File Descriptor Monitoring Thresholds

The health test thresholds of the number of file descriptors used. Specified as a percentage of file descriptor limit.

The health test thresholds for monitoring of free space on the filesystem that contains this role's Impala Daemon Scratch
Directories. Specified as a percentage of the capacity on that filesystem. This setting is not used if a Impala Daemon Scratch Directories Free Space Monitoring Absolute Thresholds setting is
configured.

Warning: Never, Critical: Never

impalad_scratch_directories_free_space_percentage_thresholds

false

Web Metric Collection

Enables the health test that the Cloudera Manager Agent can successfully contact and gather metrics from the web server.

true

impalad_web_metric_collection_enabled

false

Web Metric Collection Duration

The health test thresholds on the duration of the metrics request to the web server.

Warning: 10 second(s), Critical: Never

impalad_web_metric_collection_thresholds

false

Log Directory Free Space Monitoring Absolute Thresholds

The health test thresholds for monitoring of free space on the filesystem that contains this role's log directory.

Warning: 10 GiB, Critical: 5 GiB

log_directory_free_space_absolute_thresholds

false

Log Directory Free Space Monitoring Percentage Thresholds

The health test thresholds for monitoring of free space on the filesystem that contains this role's log directory. Specified as a
percentage of the capacity on that filesystem. This setting is not used if a Log Directory Free Space Monitoring Absolute Thresholds setting is configured.

Warning: Never, Critical: Never

log_directory_free_space_percentage_thresholds

false

Resident Set Size Thresholds

The health test thresholds on the resident size of the process.

Warning: Never, Critical: Never

process_resident_set_size_thresholds

false

Process Swap Memory Thresholds

The health test thresholds on the swap memory usage of the process.

Warning: Any, Critical: Any

process_swap_memory_thresholds

false

Query Monitoring Period

The polling period of the Impala query monitor in the Cloudera Manager Agent, specified in seconds. If set to zero, query monitoring
is disabled.

1.0 second(s)

query_monitoring_period_seconds

false

Role Triggers

The configured triggers for this role. This is a JSON formatted list of triggers. These triggers are evaluated as part as the health
system. Every trigger expression is parsed, and if the trigger condition is met, the list of actions provided in the trigger expression is executed. Each trigger has the following fields:

triggerName(mandatory) - The name of the trigger. This value must be unique for the specific role.

streamThreshold(optional) - The maximum number of streams that can satisfy a condition of a trigger before the condition
fires. By default set to 0, and any stream returned causes the condition to fire.

enabled(optional) - By default set to 'true'. If set to 'false', the trigger is not evaluated.

expressionEditorConfig(optional) - Metadata for the trigger editor. If present, the trigger should only be edited from the
Edit Trigger page; editing the trigger here can lead to inconsistencies.

For example, the following JSON formatted trigger configured for a DataNode fires if the DataNode has more than 1500 file descriptors opened:[{"triggerName": "sample-trigger",
"triggerExpression": "IF (SELECT fd_open WHERE roleName=$ROLENAME and last(fd_open) > 1500) DO health:bad", "streamThreshold": 0, "enabled": "true"}]See the trigger rules documentation for
more details on how to write triggers using tsquery.The JSON format is evolving and may change and, as a result, backward compatibility is not guaranteed between releases.

[]

role_triggers

true

Unexpected Exits Thresholds

The health test thresholds for unexpected exits encountered within a recent period specified by the unexpected_exits_window
configuration for the role.

Other

A list of key-value pairs of additional query options to pass to the Impala Daemon command line, separated by ','.

default_query_options

default_query_options

false

Impala Daemons Load Balancer

Address of the load balancer used for Impala daemons. Should be specified in host:port format. If this is specified and Kerberos is
enabled, Cloudera Manager adds a principal for 'impala/<load_balancer_host>@<realm>' to the keytab for all Impala daemons.

impalad_load_balancer

false

Local UDF Library Dir

User-defined function (UDF) libraries are copied from HDFS into this local directory.

local_library_dir

/var/lib/impala/udfs

local_library_dir

false

Impala Daemon Scratch Directories

Directories where Impala Daemon will write data such as spilling information to disk to free up memory. This can potentially be
large amounts of data.

scratch_dirs

scratch_dirs

false

Performance

Display Name

Description

Related Name

Default Value

API Name

Required

Libflood Short-Circuit Read CPU ID

Identifier of the CPU cores to use for the Libflood connection when performing short-circuit reads. The default value "all"
indicates that Libflood will automatically allocate a number of CPU cores equal to the value of Libflood Short-Circuit Read Command Queues. Alternatively, this parameter
may be set to one or more CPU identifiers (a comma-separated list of decimal integers), which may be obtained by running the "detect_cpu_id" script included in the DSSD DataNode parcel. See the
Hadoop Plugin Installation Guide for more information.

com.dssd.hadoop.floodds.scr.conn.cpus

all

com_dssd_hadoop_floodds_scr_conn_cpus

true

Libflood Short-Circuit Read Command Queue Depth

The depth of the command queues for the Libflood connection when performing short-circuit reads.

com.dssd.hadoop.floodds.scr.conn.qdepth

64

com_dssd_hadoop_floodds_scr_conn_qdepth

true

Libflood Short-Circuit Read Command Queues

The number of command queues to use for the Libflood connection when performing short-circuit reads.. Each queue is typically
attached to a CPU core. When Libflood Short-Circuit Read CPU ID is set to "all", this parameter controls the number of CPU cores allocated to the Libflood
connection.

com.dssd.hadoop.floodds.scr.conn.qmax

2

com_dssd_hadoop_floodds_scr_conn_qmax

true

Maximum Process File Descriptors

If configured, overrides the process soft and hard rlimits (also called ulimits) for file descriptors to the configured value.

rlimit_fds

false

Ports and Addresses

Display Name

Description

Related Name

Default Value

API Name

Required

Impala Daemon Backend Port

Port on which ImpalaBackendService is exported.

be_port

22000

be_port

false

Impala Daemon Beeswax Port

Port on which Beeswax client requests are served by Impala Daemons.

beeswax_port

21000

beeswax_port

false

Impala Daemon HiveServer2 Port

Port on which HiveServer2 client requests are served by Impala Daemons.

Resource Management

Display Name

Description

Related Name

Default Value

API Name

Required

Impala Daemon Memory Limit

Memory limit in bytes for Impala Daemon, enforced by the daemon itself. If reached, queries running on the Impala Daemon may be
killed. Leave it blank to let Impala pick its own limit. Use a value of -1 B to specify no limit.

mem_limit

impalad_memory_limit

false

Cgroup CPU Shares

Number of CPU shares to assign to this role. The greater the number of shares, the larger the share of the host's CPUs that will be
given to this role when the host experiences CPU contention. Must be between 2 and 262144. Defaults to 1024 for processes not managed by Cloudera Manager.

cpu.shares

1024

rm_cpu_shares

true

Cgroup I/O Weight

Weight for the read I/O requests issued by this role. The greater the weight, the higher the priority of the requests when the host
experiences I/O contention. Must be between 100 and 1000. Defaults to 1000 for processes not managed by Cloudera Manager.

blkio.weight

500

rm_io_weight

true

Cgroup Memory Hard Limit

Hard memory limit to assign to this role, enforced by the Linux kernel. When the limit is reached, the kernel will reclaim pages
charged to the process. If reclaiming fails, the kernel may kill the process. Both anonymous as well as page cache pages contribute to the limit. Use a value of -1 B to specify no limit. By default
processes not managed by Cloudera Manager will have no limit.

memory.limit_in_bytes

-1 MiB

rm_memory_hard_limit

true

Cgroup Memory Soft Limit

Soft memory limit to assign to this role, enforced by the Linux kernel. When the limit is reached, the kernel will reclaim pages
charged to the process if and only if the host is facing memory pressure. If reclaiming fails, the kernel may kill the process. Both anonymous as well as page cache pages contribute to the limit. Use
a value of -1 B to specify no limit. By default processes not managed by Cloudera Manager will have no limit.

memory.soft_limit_in_bytes

-1 MiB

rm_memory_soft_limit

true

Security

Display Name

Description

Related Name

Default Value

API Name

Required

Disk Spill Encryption

Encrypt and verify the integrity of all data spilled to disk as part of a query. This feature is only supported for Impala 2.0 and
higher and CDH 5.2 and higher (which includes Impala 2.0).

disk_spill_encryption

false

disk_spill_encryption

false

LDAP Server CA Certificate

The location on disk of the certificate, in .pem format, used to confirm the authenticity of the LDAP server certificate. This is
the Certificate Authority (CA) certificate, and it was used to sign the LDAP server certificate. If not set, all certificates are trusted, which means that an attacker could potentially intercept
otherwise encrypted usernames and passwords.

ldap_ca_certificate

impalad_ldap_ca_certificate

false

Impala Daemon Webserver TLS/SSL Server Certificate File (PEM Format)

The path to the TLS/SSL file containing the server certificate key used for TLS/SSL. Used when Impala Daemon Webserver is acting as
a TLS/SSL server. The certificate file must be in PEM format.

webserver_certificate_file

webserver_certificate_file

false

Impala Daemon Web Server User Password

Password for Impala Daemon webserver authentication.

webserver_htpassword_password

webserver_htpassword_password

false

Impala Daemon Web Server Username

Username for Impala Daemon webserver authentication.

webserver_htpassword_user

webserver_htpassword_user

false

Impala Daemon Webserver TLS/SSL Server Private Key File (PEM Format)

The path to the TLS/SSL file containing the private key used for TLS/SSL. Used when Impala Daemon Webserver is acting as a TLS/SSL
server. The certificate file must be in PEM format.

webserver_private_key_file

webserver_private_key_file

false

Impala Daemon Webserver TLS/SSL Private Key Password

The password for the private key in the Impala Daemon Webserver TLS/SSL Server Certificate and Private Key file. If left blank, the
private key is not protected by a password.

webserver_private_key_password_cmd

webserver_private_key_password_cmd

false

Suppressions

Display Name

Description

Related Name

Default Value

API Name

Required

Suppress Parameter Validation: Impala Daemon Audit Log Directory

Whether to suppress configuration warnings produced by the built-in parameter validation for the Impala Daemon Audit Log Directory
parameter.

false

role_config_suppression_audit_event_log_dir

true

Suppress Configuration Validator: CDH Version Validator

Whether to suppress configuration warnings produced by the CDH Version Validator configuration validator.

false

role_config_suppression_cdh_version_validator

true

Suppress Parameter Validation: Libflood Short-Circuit Read CPU ID

Whether to suppress configuration warnings produced by the built-in parameter validation for the Libflood Short-Circuit Read CPU ID
parameter.

false

role_config_suppression_com_dssd_hadoop_floodds_scr_conn_cpus

true

Suppress Parameter Validation: Impala Daemon Core Dump Directory

Whether to suppress configuration warnings produced by the built-in parameter validation for the Impala Daemon Core Dump Directory
parameter.

Whether to suppress the results of the StateStore Connectivity heath test. The results of suppressed health tests are ignored when
computing the overall health of the associated host, role or service, so suppressed health tests will not generate alerts.

false

role_health_suppression_impalad_connectivity

true

Suppress Health Test: File Descriptors

Whether to suppress the results of the File Descriptors heath test. The results of suppressed health tests are ignored when
computing the overall health of the associated host, role or service, so suppressed health tests will not generate alerts.

false

role_health_suppression_impalad_file_descriptor

true

Suppress Health Test: Heap Dump Directory Free Space

Whether to suppress the results of the Heap Dump Directory Free Space heath test. The results of suppressed health tests are ignored
when computing the overall health of the associated host, role or service, so suppressed health tests will not generate alerts.

false

role_health_suppression_impalad_heap_dump_directory_free_space

true

Suppress Health Test: Host Health

Whether to suppress the results of the Host Health heath test. The results of suppressed health tests are ignored when computing the
overall health of the associated host, role or service, so suppressed health tests will not generate alerts.

false

role_health_suppression_impalad_host_health

true

Suppress Health Test: Log Directory Free Space

Whether to suppress the results of the Log Directory Free Space heath test. The results of suppressed health tests are ignored when
computing the overall health of the associated host, role or service, so suppressed health tests will not generate alerts.

false

role_health_suppression_impalad_log_directory_free_space

true

Suppress Health Test: Resident Set Size

Whether to suppress the results of the Resident Set Size heath test. The results of suppressed health tests are ignored when
computing the overall health of the associated host, role or service, so suppressed health tests will not generate alerts.

false

role_health_suppression_impalad_memory_rss_health

true

Suppress Health Test: Query Monitoring Status Check

Whether to suppress the results of the Query Monitoring Status Check heath test. The results of suppressed health tests are ignored
when computing the overall health of the associated host, role or service, so suppressed health tests will not generate alerts.

false

role_health_suppression_impalad_query_monitoring_status

true

Suppress Health Test: Impala Daemon Ready Check

Whether to suppress the results of the Impala Daemon Ready Check heath test. The results of suppressed health tests are ignored when
computing the overall health of the associated host, role or service, so suppressed health tests will not generate alerts.

false

role_health_suppression_impalad_ready_status

true

Suppress Health Test: Process Status

Whether to suppress the results of the Process Status heath test. The results of suppressed health tests are ignored when computing
the overall health of the associated host, role or service, so suppressed health tests will not generate alerts.

false

role_health_suppression_impalad_scm_health

true

Suppress Health Test: Impala Daemon Scratch Directories Free Space

Whether to suppress the results of the Impala Daemon Scratch Directories Free Space heath test. The results of suppressed health
tests are ignored when computing the overall health of the associated host, role or service, so suppressed health tests will not generate alerts.

false

role_health_suppression_impalad_scratch_directories_free_space

true

Suppress Health Test: Swap Memory Usage

Whether to suppress the results of the Swap Memory Usage heath test. The results of suppressed health tests are ignored when
computing the overall health of the associated host, role or service, so suppressed health tests will not generate alerts.

false

role_health_suppression_impalad_swap_memory_usage

true

Suppress Health Test: Unexpected Exits

Whether to suppress the results of the Unexpected Exits heath test. The results of suppressed health tests are ignored when
computing the overall health of the associated host, role or service, so suppressed health tests will not generate alerts.

false

role_health_suppression_impalad_unexpected_exits

true

Suppress Health Test: Web Server Status

Whether to suppress the results of the Web Server Status heath test. The results of suppressed health tests are ignored when
computing the overall health of the associated host, role or service, so suppressed health tests will not generate alerts.

false

role_health_suppression_impalad_web_metric_collection

true

impalallamaapplicationmaster

Advanced

Display Name

Description

Related Name

Default Value

API Name

Required

Enable Resource Caching

Whether Llama should cache allocated resources on release.

llama.am.cache.enabled

true

llama_am_cache_enabled

false

Resource Caching Idle Timeout

Timeout policy for resources being cached.

llama.am.cache.eviction.timeout.policy.idle.timeout.ms

30 second(s)

llama_am_cache_eviction_timeout_policy_idle_timeout_ms

false

Anti-Deadlock Backoff Percentage

Percentage of resources that will be backed off by the Impala ApplicationMaster anti-deadlock logic. Random reservations will be
backed off until the percentage of backed off resources reaches this percentage.

llama.am.gang.anti.deadlock.backoff.percent

30 %

llama_am_gang_anti_deadlock_backoff_percent

false

Anti-Deadlock Maximum Delay

Maximum amount of time the backed off reservations will be in 'backed off' state. The actual amount time is a random value between
the minimum and the maximum.

llama.am.gang.anti.deadlock.max_delay_ms

30 second(s)

llama_am_gang_anti_deadlock_max_delay_ms

false

Anti-Deadlock Minimum Delay

Minimum amount of time the backed off reservations will be in 'backed off' state. The actual amount time is a random value between
the minimum and the maximum.

llama.am.gang.anti.deadlock.min_delay_ms

10 second(s)

llama_am_gang_anti_deadlock_min_delay_ms

false

Anti-Deadlock No Allocation Limit Interval

Interval of time without any new allocation that will trigger the Impala ApplicationMaster anti-deadlock logic.

llama.am.gang.anti.deadlock.no.allocation.limit.ms

30 second(s)

llama_am_gang_anti_deadlock_no_allocation_limit_ms

false

Enable Resource Cache Normalization

Whether to break resource requests into smaller requests of standard size before the resource cache. The sizes are taken from Yarn
settings Container Memory Increment and Container Virtual CPU Cores Increment.

llama.am.resource.normalizing.enabled

true

llama_am_resource_normalizing_enabled

false

Maximum Client Notification Retries

Maximum number of retries for a client notification. After the maximum number of client notification retries has been reached
without success the client is considered lost and all its reservations are released. A successful client notification resets the retries count.

For advanced use only. A string to be inserted into llama-site.xml for this role only.

llama_config_valve

false

Fair Scheduler XML Advanced Configuration Snippet (Safety Valve)

Enter an XML string that will be inserted verbatim into the Fair Scheduler allocations file. Overrides the configuration set using
the Pools configuration UI. This configuration only has effect on Impala versions 1.3 or greater.

llama_fair_scheduler_safety_valve

false

Java Configuration Options for Llama Server

These arguments will be passed as part of the Java command line. Commonly, garbage collection flags or extra debugging flags would
be passed here.

For advanced use only, a string to be inserted into log4j.properties for this role only.

log4j_safety_valve

false

Heap Dump Directory

Path to directory where heap dumps are generated when java.lang.OutOfMemoryError error is thrown. This directory is automatically
created if it does not exist. If this directory already exists, role user must have write access to this directory. If this directory is shared among multiple roles, it should have 1777 permissions.
The heap dump files are created with 600 permissions and are owned by the role user. The amount of free space in this directory should be greater than the maximum Java Process heap size configured
for this role.

oom_heap_dump_dir

/tmp

oom_heap_dump_dir

false

Dump Heap When Out of Memory

When set, generates heap dump file when java.lang.OutOfMemoryError is thrown.

false

oom_heap_dump_enabled

true

Kill When Out of Memory

When set, a SIGKILL signal is sent to the role process when java.lang.OutOfMemoryError is thrown.

true

oom_sigkill_enabled

true

Automatically Restart Process

When set, this role's process is automatically (and transparently) restarted in the event of an unexpected failure.

true

process_auto_restart

true

Llama System Group

The group that the Llama processes should run as.

llama

process_groupname

true

Llama System User

The user that the Llama process should run as.

llama

process_username

true

Logs

Display Name

Description

Related Name

Default Value

API Name

Required

Llama Log Directory

Directory where Llama will place its log files.

llama_log_dir

/var/log/impala-llama

llama_log_dir

false

Impala Llama ApplicationMaster Logging Threshold

The minimum log level for Impala Llama ApplicationMaster logs

INFO

log_threshold

false

Impala Llama ApplicationMaster Maximum Log File Backups

The maximum number of rolled log files to keep for Impala Llama ApplicationMaster logs. Typically used by log4j or logback.

10

max_log_backup_index

false

Impala Llama ApplicationMaster Max Log Size

The maximum size, in megabytes, per log file for Impala Llama ApplicationMaster logs. Typically used by log4j or logback.

200 MiB

max_log_size

false

Monitoring

Display Name

Description

Related Name

Default Value

API Name

Required

Enable Health Alerts for this Role

When set, Cloudera Manager will send alerts when the health of this role reaches the threshold specified by the EventServer setting
eventserver_health_events_alert_threshold

true

enable_alerts

false

Enable Configuration Change Alerts

When set, Cloudera Manager will send alerts when this entity's configuration changes.

false

enable_config_alerts

false

Heap Dump Directory Free Space Monitoring Absolute Thresholds

The health test thresholds for monitoring of free space on the filesystem that contains this role's heap dump directory.

Warning: 10 GiB, Critical: 5 GiB

heap_dump_directory_free_space_absolute_thresholds

false

Heap Dump Directory Free Space Monitoring Percentage Thresholds

The health test thresholds for monitoring of free space on the filesystem that contains this role's heap dump directory. Specified
as a percentage of the capacity on that filesystem. This setting is not used if a Heap Dump Directory Free Space Monitoring Absolute Thresholds setting is configured.

Warning: Never, Critical: Never

heap_dump_directory_free_space_percentage_thresholds

false

File Descriptor Monitoring Thresholds

The health test thresholds of the number of file descriptors used. Specified as a percentage of file descriptor limit.

Enables the health test that the Impala Llama ApplicationMaster's process state is consistent with the role configuration

true

llama_scm_health_enabled

false

Log Directory Free Space Monitoring Absolute Thresholds

The health test thresholds for monitoring of free space on the filesystem that contains this role's log directory.

Warning: 10 GiB, Critical: 5 GiB

log_directory_free_space_absolute_thresholds

false

Log Directory Free Space Monitoring Percentage Thresholds

The health test thresholds for monitoring of free space on the filesystem that contains this role's log directory. Specified as a
percentage of the capacity on that filesystem. This setting is not used if a Log Directory Free Space Monitoring Absolute Thresholds setting is configured.

Warning: Never, Critical: Never

log_directory_free_space_percentage_thresholds

false

Process Swap Memory Thresholds

The health test thresholds on the swap memory usage of the process.

Warning: Any, Critical: Never

process_swap_memory_thresholds

false

Role Triggers

The configured triggers for this role. This is a JSON formatted list of triggers. These triggers are evaluated as part as the health
system. Every trigger expression is parsed, and if the trigger condition is met, the list of actions provided in the trigger expression is executed. Each trigger has the following fields:

triggerName(mandatory) - The name of the trigger. This value must be unique for the specific role.

streamThreshold(optional) - The maximum number of streams that can satisfy a condition of a trigger before the condition
fires. By default set to 0, and any stream returned causes the condition to fire.

enabled(optional) - By default set to 'true'. If set to 'false', the trigger is not evaluated.

expressionEditorConfig(optional) - Metadata for the trigger editor. If present, the trigger should only be edited from the
Edit Trigger page; editing the trigger here can lead to inconsistencies.

For example, the following JSON formatted trigger configured for a DataNode fires if the DataNode has more than 1500 file descriptors opened:[{"triggerName": "sample-trigger",
"triggerExpression": "IF (SELECT fd_open WHERE roleName=$ROLENAME and last(fd_open) > 1500) DO health:bad", "streamThreshold": 0, "enabled": "true"}]See the trigger rules documentation for
more details on how to write triggers using tsquery.The JSON format is evolving and may change and, as a result, backward compatibility is not guaranteed between releases.

[]

role_triggers

true

Unexpected Exits Thresholds

The health test thresholds for unexpected exits encountered within a recent period specified by the unexpected_exits_window
configuration for the role.

Warning: Never, Critical: Any

unexpected_exits_thresholds

false

Unexpected Exits Monitoring Period

The period to review when computing unexpected exits.

5 minute(s)

unexpected_exits_window

false

Other

Display Name

Description

Related Name

Default Value

API Name

Required

Core Queues

Queues Llama ApplicationMaster should connect to at start up.

llama.am.core.queues

llama_am_core_queues

false

Administrative Interface ACLs

ACL for Impala ApplicationMaster admins. The ACL is a comma-separated list of user and group names. The user and group list is
separated by a blank. For e.g. "alice,bob users,wheel". A special value of "*" means all users are allowed. These take effect only if security is enabled.

llama.am.server.thrift.admin.acl

*

llama_am_server_thrift_admin_acl

false

Client ACLs

ACL for Impala ApplicationMaster clients. The ACL is a comma-separated list of user and group names. The user and group list is
separated by a blank. For e.g. "alice,bob users,wheel". A special value of "*" means all users are allowed. These take effect only if security is enabled.

llama.am.server.thrift.client.acl

*

llama_am_server_thrift_client_acl

false

Performance

Display Name

Description

Related Name

Default Value

API Name

Required

Queue Expiration Age

Time in milliseconds after which Llama will discard its AM for a queue that has been empty of reservations. Does not apply to queues
specified with the Core Queues property.

llama.am.queue.expire.ms

5 minute(s)

llama_am_queue_expire_ms

false

AM Heartbeat Interval

Llama ApplicationMaster heartbeat interval, in milliseconds. On each heartbeat the ApplicationMaster submits new reservations to
YARN ResourceManager and gets updates from it.

llama.am.server.thrift.client.notifier.heartbeat.ms

5 second(s)

llama_am_server_thrift_client_notifier_heartbeat_ms

false

Thrift Server Maximum Threads

Maximum number of threads used by the Llama ApplicationMaster auxiliary service uses for serving client requests.

llama.am.server.thrift.server.max.threads

50

llama_am_server_thrift_server_max_threads

false

Thrift Server Minimum Threads

Minimum number of threads used by the Llama ApplicationMaster auxiliary service uses for serving client requests.

llama.am.server.thrift.server.min.threads

10

llama_am_server_thrift_server_min_threads

false

Thrift Transport Timeout

Socket time, in milliseconds, used Llama ApplicationMaster auxiliary service for all its server and client Thrift connections.

llama.am.server.thrift.transport.timeout.ms

1 minute(s)

llama_am_server_thrift_transport_timeout_ms

false

Maximum Process File Descriptors

If configured, overrides the process soft and hard rlimits (also called ulimits) for file descriptors to the configured value.

rlimit_fds

false

Ports and Addresses

Display Name

Description

Related Name

Default Value

API Name

Required

Llama Thrift Admin Port

Port on which the Llama ApplicationMaster listens to administrative requests on its administrative Thrift interface.

llama.am.server.thrift.admin.address

15002

llama_am_server_thrift_admin_address

false

Bind Impala Llama ApplicationMaster to Wildcard Address

If enabled, the Impala Llama ApplicationMaster binds to the wildcard address ("0.0.0.0") on all of its ports.

false

llama_bind_wildcard

false

Llama HTTP Port

Port on which the Llama ApplicationMaster listens to HTTP requests.

llama.am.server.thrift.http.address

15001

llama_http_port

false

Llama Thrift Port

Port on which the Llama ApplicationMaster serves its Thrift interface.

Number of CPU shares to assign to this role. The greater the number of shares, the larger the share of the host's CPUs that will be
given to this role when the host experiences CPU contention. Must be between 2 and 262144. Defaults to 1024 for processes not managed by Cloudera Manager.

cpu.shares

1024

rm_cpu_shares

true

Cgroup I/O Weight

Weight for the read I/O requests issued by this role. The greater the weight, the higher the priority of the requests when the host
experiences I/O contention. Must be between 100 and 1000. Defaults to 1000 for processes not managed by Cloudera Manager.

blkio.weight

500

rm_io_weight

true

Cgroup Memory Hard Limit

Hard memory limit to assign to this role, enforced by the Linux kernel. When the limit is reached, the kernel will reclaim pages
charged to the process. If reclaiming fails, the kernel may kill the process. Both anonymous as well as page cache pages contribute to the limit. Use a value of -1 B to specify no limit. By default
processes not managed by Cloudera Manager will have no limit.

memory.limit_in_bytes

-1 MiB

rm_memory_hard_limit

true

Cgroup Memory Soft Limit

Soft memory limit to assign to this role, enforced by the Linux kernel. When the limit is reached, the kernel will reclaim pages
charged to the process if and only if the host is facing memory pressure. If reclaiming fails, the kernel may kill the process. Both anonymous as well as page cache pages contribute to the limit. Use
a value of -1 B to specify no limit. By default processes not managed by Cloudera Manager will have no limit.

memory.soft_limit_in_bytes

-1 MiB

rm_memory_soft_limit

true

Security

Display Name

Description

Related Name

Default Value

API Name

Required

Role-Specific Kerberos Principal

Kerberos principal used by the Impala Llama ApplicationMaster roles.

llama

kerberos_role_princ_name

true

Stacks Collection

Display Name

Description

Related Name

Default Value

API Name

Required

Stacks Collection Data Retention

The amount of stacks data that is retained. After the retention limit is reached, the oldest data is deleted.

stacks_collection_data_retention

100 MiB

stacks_collection_data_retention

false

Stacks Collection Directory

The directory in which stacks logs are placed. If not set, stacks are logged into a stacks
subdirectory of the role's log directory.

stacks_collection_directory

stacks_collection_directory

false

Stacks Collection Enabled

Whether or not periodic stacks collection is enabled.

stacks_collection_enabled

false

stacks_collection_enabled

true

Stacks Collection Frequency

The frequency with which stacks are collected.

stacks_collection_frequency

5.0 second(s)

stacks_collection_frequency

false

Stacks Collection Method

The method used to collect stacks. The jstack option involves periodically running the jstack command against the role's daemon
process. The servlet method is available for those roles that have an HTTP server endpoint exposing the current stacks traces of all threads. When the servlet method is selected, that HTTP endpoint
is periodically scraped.

stacks_collection_method

jstack

stacks_collection_method

false

Suppressions

Display Name

Description

Related Name

Default Value

API Name

Required

Suppress Configuration Validator: CDH Version Validator

Whether to suppress configuration warnings produced by the CDH Version Validator configuration validator.

false

role_config_suppression_cdh_version_validator

true

Suppress Parameter Validation: Role-Specific Kerberos Principal

Whether to suppress configuration warnings produced by the built-in parameter validation for the Role-Specific Kerberos Principal
parameter.

false

role_config_suppression_kerberos_role_princ_name

true

Suppress Parameter Validation: Core Queues

Whether to suppress configuration warnings produced by the built-in parameter validation for the Core Queues parameter.

false

role_config_suppression_llama_am_core_queues

true

Suppress Parameter Validation: Administrative Interface ACLs

Whether to suppress configuration warnings produced by the built-in parameter validation for the Administrative Interface ACLs
parameter.

false

role_config_suppression_llama_am_server_thrift_admin_acl

true

Suppress Parameter Validation: Client ACLs

Whether to suppress configuration warnings produced by the built-in parameter validation for the Client ACLs parameter.

Whether to suppress configuration warnings produced by the built-in parameter validation for the Heap Dump Directory parameter.

false

role_config_suppression_oom_heap_dump_dir

true

Suppress Parameter Validation: Llama System Group

Whether to suppress configuration warnings produced by the built-in parameter validation for the Llama System Group parameter.

false

role_config_suppression_process_groupname

true

Suppress Parameter Validation: Llama System User

Whether to suppress configuration warnings produced by the built-in parameter validation for the Llama System User parameter.

false

role_config_suppression_process_username

true

Suppress Parameter Validation: Role Triggers

Whether to suppress configuration warnings produced by the built-in parameter validation for the Role Triggers parameter.

false

role_config_suppression_role_triggers

true

Suppress Parameter Validation: Stacks Collection Directory

Whether to suppress configuration warnings produced by the built-in parameter validation for the Stacks Collection Directory
parameter.

false

role_config_suppression_stacks_collection_directory

true

Suppress Health Test: File Descriptors

Whether to suppress the results of the File Descriptors heath test. The results of suppressed health tests are ignored when
computing the overall health of the associated host, role or service, so suppressed health tests will not generate alerts.

false

role_health_suppression_llama_file_descriptor

true

Suppress Health Test: Heap Dump Directory Free Space

Whether to suppress the results of the Heap Dump Directory Free Space heath test. The results of suppressed health tests are ignored
when computing the overall health of the associated host, role or service, so suppressed health tests will not generate alerts.

false

role_health_suppression_llama_heap_dump_directory_free_space

true

Suppress Health Test: Host Health

Whether to suppress the results of the Host Health heath test. The results of suppressed health tests are ignored when computing the
overall health of the associated host, role or service, so suppressed health tests will not generate alerts.

false

role_health_suppression_llama_host_health

true

Suppress Health Test: Log Directory Free Space

Whether to suppress the results of the Log Directory Free Space heath test. The results of suppressed health tests are ignored when
computing the overall health of the associated host, role or service, so suppressed health tests will not generate alerts.

false

role_health_suppression_llama_log_directory_free_space

true

Suppress Health Test: Process Status

Whether to suppress the results of the Process Status heath test. The results of suppressed health tests are ignored when computing
the overall health of the associated host, role or service, so suppressed health tests will not generate alerts.

false

role_health_suppression_llama_scm_health

true

Suppress Health Test: Swap Memory Usage

Whether to suppress the results of the Swap Memory Usage heath test. The results of suppressed health tests are ignored when
computing the overall health of the associated host, role or service, so suppressed health tests will not generate alerts.

false

role_health_suppression_llama_swap_memory_usage

true

Suppress Health Test: Unexpected Exits

Whether to suppress the results of the Unexpected Exits heath test. The results of suppressed health tests are ignored when
computing the overall health of the associated host, role or service, so suppressed health tests will not generate alerts.

false

role_health_suppression_llama_unexpected_exits

true

impalastatestore

Advanced

Display Name

Description

Related Name

Default Value

API Name

Required

StateStore Core Dump Directory

Directory where a StateStore core dump is placed.

core_dump_dir

/var/log/statestore

core_dump_dir

false

Automatically Restart Process

When set, this role's process is automatically (and transparently) restarted in the event of an unexpected failure.

The number of log files that are kept for each severity level before all older log files are removed. The number has to be greater
than 1 to keep at least the current log file open. If set to 0, all log files are retained and log rotation is effectively disabled.

max_log_files

10

max_log_files

false

Impala StateStore Max Log Size

The maximum size, in megabytes, per log file for Impala StateStore logs. Typically used by log4j or logback.

200 MiB

max_log_size

false

Monitoring

Display Name

Description

Related Name

Default Value

API Name

Required

Enable Health Alerts for this Role

When set, Cloudera Manager will send alerts when the health of this role reaches the threshold specified by the EventServer setting
eventserver_health_events_alert_threshold

true

enable_alerts

false

Enable Configuration Change Alerts

When set, Cloudera Manager will send alerts when this entity's configuration changes.

false

enable_config_alerts

false

Heap Dump Directory Free Space Monitoring Absolute Thresholds

The health test thresholds for monitoring of free space on the filesystem that contains this role's heap dump directory.

Warning: 10 GiB, Critical: 5 GiB

heap_dump_directory_free_space_absolute_thresholds

false

Heap Dump Directory Free Space Monitoring Percentage Thresholds

The health test thresholds for monitoring of free space on the filesystem that contains this role's heap dump directory. Specified
as a percentage of the capacity on that filesystem. This setting is not used if a Heap Dump Directory Free Space Monitoring Absolute Thresholds setting is configured.

Warning: Never, Critical: Never

heap_dump_directory_free_space_percentage_thresholds

false

Log Directory Free Space Monitoring Absolute Thresholds

The health test thresholds for monitoring of free space on the filesystem that contains this role's log directory.

Warning: 10 GiB, Critical: 5 GiB

log_directory_free_space_absolute_thresholds

false

Log Directory Free Space Monitoring Percentage Thresholds

The health test thresholds for monitoring of free space on the filesystem that contains this role's log directory. Specified as a
percentage of the capacity on that filesystem. This setting is not used if a Log Directory Free Space Monitoring Absolute Thresholds setting is configured.

Warning: Never, Critical: Never

log_directory_free_space_percentage_thresholds

false

Resident Set Size Thresholds

The health test thresholds on the resident size of the process.

Warning: Never, Critical: Never

process_resident_set_size_thresholds

false

Process Swap Memory Thresholds

The health test thresholds on the swap memory usage of the process.

Warning: Any, Critical: Never

process_swap_memory_thresholds

false

Role Triggers

The configured triggers for this role. This is a JSON formatted list of triggers. These triggers are evaluated as part as the health
system. Every trigger expression is parsed, and if the trigger condition is met, the list of actions provided in the trigger expression is executed. Each trigger has the following fields:

triggerName(mandatory) - The name of the trigger. This value must be unique for the specific role.

streamThreshold(optional) - The maximum number of streams that can satisfy a condition of a trigger before the condition
fires. By default set to 0, and any stream returned causes the condition to fire.

enabled(optional) - By default set to 'true'. If set to 'false', the trigger is not evaluated.

expressionEditorConfig(optional) - Metadata for the trigger editor. If present, the trigger should only be edited from the
Edit Trigger page; editing the trigger here can lead to inconsistencies.

For example, the following JSON formatted trigger configured for a DataNode fires if the DataNode has more than 1500 file descriptors opened:[{"triggerName": "sample-trigger",
"triggerExpression": "IF (SELECT fd_open WHERE roleName=$ROLENAME and last(fd_open) > 1500) DO health:bad", "streamThreshold": 0, "enabled": "true"}]See the trigger rules documentation for
more details on how to write triggers using tsquery.The JSON format is evolving and may change and, as a result, backward compatibility is not guaranteed between releases.

[]

role_triggers

true

File Descriptor Monitoring Thresholds

The health test thresholds of the number of file descriptors used. Specified as a percentage of file descriptor limit.

Performance

If configured, overrides the process soft and hard rlimits (also called ulimits) for file descriptors to the configured value.

rlimit_fds

false

StateStore Worker Threads

Number of worker threads for the thread manager underlying the StateStore Thrift server.

state_store_num_server_worker_threads

4

state_store_num_server_worker_threads

false

Maximum StateStore Pending Tasks

Maximum number of tasks allowed to be pending at the thread manager underlying the StateStore Thrift server (0 allows infinitely
many pending tasks)

state_store_pending_task_count_max

0

state_store_pending_task_count_max

false

Ports and Addresses

Display Name

Description

Related Name

Default Value

API Name

Required

StateStore Service Port

Port where StateStoreService is exported.

state_store_port

24000

state_store_port

false

StateStore HTTP Server Port

Port where StateStore debug web server runs.

webserver_port

25010

statestore_webserver_port

false

Resource Management

Display Name

Description

Related Name

Default Value

API Name

Required

Cgroup CPU Shares

Number of CPU shares to assign to this role. The greater the number of shares, the larger the share of the host's CPUs that will be
given to this role when the host experiences CPU contention. Must be between 2 and 262144. Defaults to 1024 for processes not managed by Cloudera Manager.

cpu.shares

1024

rm_cpu_shares

true

Cgroup I/O Weight

Weight for the read I/O requests issued by this role. The greater the weight, the higher the priority of the requests when the host
experiences I/O contention. Must be between 100 and 1000. Defaults to 1000 for processes not managed by Cloudera Manager.

blkio.weight

500

rm_io_weight

true

Cgroup Memory Hard Limit

Hard memory limit to assign to this role, enforced by the Linux kernel. When the limit is reached, the kernel will reclaim pages
charged to the process. If reclaiming fails, the kernel may kill the process. Both anonymous as well as page cache pages contribute to the limit. Use a value of -1 B to specify no limit. By default
processes not managed by Cloudera Manager will have no limit.

memory.limit_in_bytes

-1 MiB

rm_memory_hard_limit

true

Cgroup Memory Soft Limit

Soft memory limit to assign to this role, enforced by the Linux kernel. When the limit is reached, the kernel will reclaim pages
charged to the process if and only if the host is facing memory pressure. If reclaiming fails, the kernel may kill the process. Both anonymous as well as page cache pages contribute to the limit. Use
a value of -1 B to specify no limit. By default processes not managed by Cloudera Manager will have no limit.

memory.soft_limit_in_bytes

-1 MiB

rm_memory_soft_limit

true

Security

Display Name

Description

Related Name

Default Value

API Name

Required

StateStore Webserver TLS/SSL Server Certificate File (PEM Format)

The path to the TLS/SSL file containing the server certificate key used for TLS/SSL. Used when StateStore Webserver is acting as a
TLS/SSL server. The certificate file must be in PEM format.

webserver_certificate_file

webserver_certificate_file

false

Statestore Web Server User Password

Password for Statestore webserver authentication.

webserver_htpassword_password

webserver_htpassword_password

false

Statestore Web Server Username

Username for Statestore webserver authentication.

webserver_htpassword_user

webserver_htpassword_user

false

StateStore Webserver TLS/SSL Server Private Key File (PEM Format)

The path to the TLS/SSL file containing the private key used for TLS/SSL. Used when StateStore Webserver is acting as a TLS/SSL
server. The certificate file must be in PEM format.

webserver_private_key_file

webserver_private_key_file

false

StateStore Webserver TLS/SSL Private Key Password

The password for the private key in the StateStore Webserver TLS/SSL Server Certificate and Private Key file. If left blank, the
private key is not protected by a password.

webserver_private_key_password_cmd

webserver_private_key_password_cmd

false

Suppressions

Display Name

Description

Related Name

Default Value

API Name

Required

Suppress Configuration Validator: CDH Version Validator

Whether to suppress configuration warnings produced by the CDH Version Validator configuration validator.

false

role_config_suppression_cdh_version_validator

true

Suppress Parameter Validation: StateStore Core Dump Directory

Whether to suppress configuration warnings produced by the built-in parameter validation for the StateStore Core Dump Directory
parameter.

false

role_config_suppression_core_dump_dir

true

Suppress Parameter Validation: StateStore Log Directory

Whether to suppress configuration warnings produced by the built-in parameter validation for the StateStore Log Directory
parameter.

false

role_config_suppression_log_dir

true

Suppress Parameter Validation: Role Triggers

Whether to suppress configuration warnings produced by the built-in parameter validation for the Role Triggers parameter.

Whether to suppress configuration warnings produced by the built-in parameter validation for the StateStore Webserver TLS/SSL
Private Key Password parameter.

false

role_config_suppression_webserver_private_key_password_cmd

true

Suppress Health Test: File Descriptors

Whether to suppress the results of the File Descriptors heath test. The results of suppressed health tests are ignored when
computing the overall health of the associated host, role or service, so suppressed health tests will not generate alerts.

false

role_health_suppression_statestore_file_descriptor

true

Suppress Health Test: Heap Dump Directory Free Space

Whether to suppress the results of the Heap Dump Directory Free Space heath test. The results of suppressed health tests are
ignored when computing the overall health of the associated host, role or service, so suppressed health tests will not generate alerts.

false

role_health_suppression_statestore_heap_dump_directory_free_space

true

Suppress Health Test: Host Health

Whether to suppress the results of the Host Health heath test. The results of suppressed health tests are ignored when computing
the overall health of the associated host, role or service, so suppressed health tests will not generate alerts.

false

role_health_suppression_statestore_host_health

true

Suppress Health Test: Log Directory Free Space

Whether to suppress the results of the Log Directory Free Space heath test. The results of suppressed health tests are ignored when
computing the overall health of the associated host, role or service, so suppressed health tests will not generate alerts.

false

role_health_suppression_statestore_log_directory_free_space

true

Suppress Health Test: Resident Set Size

Whether to suppress the results of the Resident Set Size heath test. The results of suppressed health tests are ignored when
computing the overall health of the associated host, role or service, so suppressed health tests will not generate alerts.

false

role_health_suppression_statestore_memory_rss_health

true

Suppress Health Test: Process Status

Whether to suppress the results of the Process Status heath test. The results of suppressed health tests are ignored when computing
the overall health of the associated host, role or service, so suppressed health tests will not generate alerts.

false

role_health_suppression_statestore_scm_health

true

Suppress Health Test: Swap Memory Usage

Whether to suppress the results of the Swap Memory Usage heath test. The results of suppressed health tests are ignored when
computing the overall health of the associated host, role or service, so suppressed health tests will not generate alerts.

false

role_health_suppression_statestore_swap_memory_usage

true

Suppress Health Test: Unexpected Exits

Whether to suppress the results of the Unexpected Exits heath test. The results of suppressed health tests are ignored when
computing the overall health of the associated host, role or service, so suppressed health tests will not generate alerts.

false

role_health_suppression_statestore_unexpected_exits

true

Suppress Health Test: Web Server Status

Whether to suppress the results of the Web Server Status heath test. The results of suppressed health tests are ignored when
computing the overall health of the associated host, role or service, so suppressed health tests will not generate alerts.

false

role_health_suppression_statestore_web_metric_collection

true

service_wide

Admission Control

Display Name

Description

Related Name

Default Value

API Name

Required

Enable Dynamic Resource Pools

Use Dynamic Resource Pools to configure Impala admission control or RM for this Impala service. These features are only supported
in Impala 1.3 or higher deployments.

false

admission_control_enabled

false

Admission Control Queue Timeout

Maximum amount of time (in milliseconds) that a request waits to be admitted before timing out. Must be a positive integer.

queue_wait_timeout_ms

1 minute(s)

admission_control_queue_timeout

false

Single Pool Max Queued Queries

Configures the maximum number of queued queries for admission control when using a single pool. -1 or 0 disables queuing, i.e.
incoming requests are rejected if they can not be executed immediately. Ignored when Dynamic Resource Pools for Admission Control is enabled.

default_pool_max_queued

200

admission_control_single_pool_max_queued

false

Single Pool Max Running Queries

Configures the maximum number of concurrently running queries for admission control when using a single pool. -1 indicates no limit
and 0 indicates all incoming requests will be rejected. Ignored when Dynamic Resource Pools for Admission Control is enabled.

default_pool_max_requests

200

admission_control_single_pool_max_requests

false

Single Pool Mem Limit

Configures the max memory of running queries for admission control when using a single pool. -1 or 0 indicates no limit. Ignored
when Dynamic Resource Pools for Admission Control is enabled.

default_pool_mem_limit

-1 B

admission_control_single_pool_mem_limit

false

Enable Impala Admission Control

Use Impala Admission Control to throttle Impala requests. Unless 'Enable Dynamic Resource Pools' is enabled, Impala uses a single,
default pool that is configured using the Single Pool configurations below. These features are only supported in Impala 1.3 or higher deployments.

false

all_admission_control_enabled

false

Advanced

Display Name

Description

Related Name

Default Value

API Name

Required

Enable Core Dump

Used to generate a core dump to get more information about an Impala crash. Unless otherwise configured systemwide using
/proc/sys/kernel/core_pattern, the dump is generated in the 'current directory' of the Impala process (usually a subdirectory of the /var/run/cloudera-scm-agent/process directory). The core file can
be very large.

false

enable_core_dump

false

Maximum HBase Client Retries

Maximum number of HBase client retries for Impala. Used as a maximum for all operations such as fetching of the root region from
the root RegionServer, getting a cell's value, and starting a row update. Overrides configuration in the HBase service.

hbase.client.retries.number

3

hbase_client_retries_number

false

HBase RPC Timeout

Timeout in milliseconds for all HBase RPCs made by Impala. Overrides configuration in HBase service.

For advanced use only, key-value pairs (one on each line) to be added (verbatim) to Impala Daemon command-line flags. Applies to
all roles in this service. Key names should begin with a hyphen(-). For example: -log_filename=foo.log

impala_cmd_args_safety_valve

false

Fair Scheduler Configuration Rules (Deployed)

A list specifying the rules to run to determine which Fair Scheduler configuration to use. The value specified here is what gets
deployed to all the hosts. This configuration only has effect on Impala versions 1.3 or greater.

[]

impala_schedule_rules

false

Fair Scheduler Configuration Rules (Staged)

A list specifying the rules to run to determine which Fair Scheduler configuration to use. Typically edited using the Rules
configuration UI. This configuration only has effect on Impala versions 1.3 or greater.

impala_schedule_rules_draft

false

Fair Scheduler Allocations (Deployed)

JSON representation of all the configurations that the Fair Scheduler can take on across all schedules. This configuration only has
effect on Impala versions 1.3 or greater.

JSON representation of all the configurations that the Fair Scheduler can take on across all schedules. Typically edited using the
Pools configuration UI. This configuration only has effect on Impala versions 1.3 or greater.

For advanced use only, a string to be inserted into the client configuration for navigator.lineage.client.properties.

navigator_lineage_client_config_safety_valve

false

Impala System Group (except Llama)

The group that this Impala's processes should run as (except Llama, which has its own group).

impala

process_groupname

true

Impala System User (except Llama)

The user that this Impala's processes should run as (except Llama, which has its own user).

impala

process_username

true

Use Debug Build

Use debug build of Impala binaries when starting roles. Useful when performing diagnostic activities to get more information in the
stacktrace or core dump.

false

use_debug_build

false

Cloudera Navigator

Display Name

Description

Related Name

Default Value

API Name

Required

Enable Audit Collection

Enable collection of audit events from the service's roles.

true

navigator_audit_enabled

false

Audit Event Filter

Event filters are defined in a JSON object like the following: { "defaultAction" : ("accept", "discard"),
"rules" : [ { "action" : ("accept", "discard"), "fields" : [ { "name" : "fieldName", "match" : "regex" } ] } ] } A filter has a default action and a list of rules, in order of precedence. Each
rule defines an action, and a list of fields to match against the audit event. A rule is "accepted" if all the listed field entries match the audit event. At that point, the action declared by the
rule is taken. If no rules match the event, the default action is taken. Actions default to "accept" if not defined in the JSON object. The following is the list of fields that can be filtered for
Impala events:

userName: the user performing the action.

ipAddress: the IP from where the request originated.

operation: the Impala operation being performed.

databaseName: the databaseName for the operation.

tableName: the tableName for the operation.

navigator.event.filter

navigator_audit_event_filter

false

Audit Queue Policy

Action to take when the audit event queue is full. Drop the event or shutdown the affected process.

navigator.batch.queue_policy

DROP

navigator_audit_queue_policy

false

Audit Event Tracker

Configures the rules for event tracking and coalescing. This feature is used to define equivalency between different audit events.
When events match, according to a set of configurable parameters, only one entry in the audit list is generated for all the matching events. Tracking works by keeping a reference to events when they
first appear, and comparing other incoming events against the "tracked" events according to the rules defined here. Event trackers are defined in a JSON object like the following: { "timeToLive" : [integer], "fields" : [ { "type" : [string], "name" : [string] } ] } Where:

timeToLive: maximum amount of time an event will be tracked, in milliseconds. Must be provided. This defines how long, since it's first seen, an event will be tracked. A value of 0
disables tracking.

fields: list of fields to compare when matching events against tracked events.

Each field has an evaluator type associated with it. The evaluator defines how the field data is to be compared. The following evaluators are available:

value: uses the field value for comparison.

userName: treats the field value as a userName, and ignores any host-specific data. This is useful for environment using Kerberos, so that only the principal name and realm are
compared.

The following is the list of fields that can be used to compare Impala events:

operation: the Impala operation being performed.

username: the user performing the action.

ipAddress: the IP from where the request originated.

allowed: whether the operation was allowed or denied.

databaseName: the database affected by the operation.

tableName: the table affected by the operation.

objectType: the type of object affected by the operation.

privilege: the privilege associated with the operation.

navigator_event_tracker

navigator_event_tracker

false

Enable Lineage Collection

Enable collection of lineage from the service's roles.

true

navigator_lineage_enabled

false

Monitoring

Display Name

Description

Related Name

Default Value

API Name

Required

Admin Users Query List Visibility Settings

Controls which queries admin users can see in the queries list view

ALL

admin_query_list_settings

true

Enable Service Level Health Alerts

When set, Cloudera Manager will send alerts when the health of this service reaches the threshold specified by the EventServer
setting eventserver_health_events_alert_threshold

true

enable_alerts

false

Enable Configuration Change Alerts

When set, Cloudera Manager will send alerts when this entity's configuration changes.

false

enable_config_alerts

false

Assignment Locality Minimum Assignments

The minimum number of assignments that must occur during the test time period before the threshold values will be checked. Until
this number of assignments have been observed in the test time period the health test will be disabled.

10

impala_assignment_locality_minimum

false

Assignment Locality Ratio Thresholds

The health test thresholds for the assignment locality health test. Specified as a percentage of total assignments.

Warning: 80.0 %, Critical: 5.0 %

impala_assignment_locality_thresholds

false

Assignment Locality Monitoring Period

The time period over which to compute the assignment locality ratio. Specified in minutes.

The health test thresholds of the overall Impala Daemon health. The check returns "Concerning" health if the percentage of
"Healthy" Impala Daemons falls below the warning threshold. The check is unhealthy if the total percentage of "Healthy" and "Concerning" Impala Daemons falls below the critical threshold.

Warning: 95.0 %, Critical: 90.0 %

impala_impalads_healthy_thresholds

false

Healthy Impala Llama ApplicationMaster Monitoring Thresholds

The health test thresholds of the overall Impala Llama ApplicationMaster health. The check returns "Concerning" health if the
percentage of "Healthy" Impala Llama ApplicationMasters falls below the warning threshold. The check is unhealthy if the total percentage of "Healthy" and "Concerning" Impala Llama ApplicationMasters
falls below the critical threshold.

Warning: 99.0 %, Critical: 51.0 %

impala_llamas_healthy_thresholds

false

Impala Query Aggregates

Controls the aggregate metrics generated for Impala queries. The structure is a JSON list of the attributes to aggregate and the
entities to aggregate to. For example, if the attributeName is 'hdfs_bytes_read' and the aggregationTargets is ['USER'] then the Service Monitor will create the metric
'impala_query_hdfs_bytes_read_rate' and, every ten minutes, will record the total hdfs bytes read for each user across all their Impala queries. By default it will also record the number of queries
issues ('num_impala_queries_rate') for both users and pool. For a full list of the supported attributes see the Impala search page. Note that the valid aggregation targets are USER, YARN_POOL, and
IMPALA (the service), and that these aggregate metrics can be viewed on both the reports and charts search pages.

The configured triggers for this service. This is a JSON formatted list of triggers. These triggers are evaluated as part as the
health system. Every trigger expression is parsed, and if the trigger condition is met, the list of actions provided in the trigger expression is executed. Each trigger has the following fields:

triggerName(mandatory) - The name of the trigger. This value must be unique for the specific service.

streamThreshold(optional) - The maximum number of streams that can satisfy a condition of a trigger before the condition
fires. By default set to 0, and any stream returned causes the condition to fire.

enabled(optional) - By default set to 'true'. If set to 'false', the trigger is not evaluated.

expressionEditorConfig(optional) - Metadata for the trigger editor. If present, the trigger should only be edited from the
Edit Trigger page; editing the trigger here can lead to inconsistencies.

For example, the followig JSON formatted trigger fires if there are more than 10 DataNodes with more than 500 file descriptors opened:[{"triggerName": "sample-trigger",
"triggerExpression": "IF (SELECT fd_open WHERE roleType = DataNode and last(fd_open) > 500) DO health:bad", "streamThreshold": 10, "enabled": "true"}]See the trigger rules documentation for
more details on how to write triggers using tsquery.The JSON format is evolving and may change and, as a result, backward compatibility is not guaranteed between releases.

For advanced use only, a list of derived configuration properties that will be used by the Service Monitor instead of the default
ones.

smon_derived_configs_safety_valve

false

Non-Admin Users Query List Visibility Settings

Controls which queries a non-admin user can see in the queries list view

ALL

user_query_list_settings

true

Other

Display Name

Description

Related Name

Default Value

API Name

Required

HBase Service

Name of the HBase service that this Impala service instance depends on

hbase_service

false

HDFS Service

Name of the HDFS service that this Impala service instance depends on

hdfs_service

true

Hive Service

Name of the Hive service that this Impala service instance depends on

hive_service

true

Sentry Service

Name of the Sentry service that this Impala service instance depends on. If selected, Impala uses this Sentry service to look up
authorization privileges. Before enabling Sentry, read the requirements and configuration steps in Setting Up The
Sentry Service .

sentry_service

false

YARN Service for Resource Management

Name of YARN service to use for resource management integration between Impala and YARN. This service dependency and the existence
of a Llama role is required for using said integration.

yarn_service

false

ZooKeeper Service for Llama HA

Name of the ZooKeeper service to use for leader election and fencing when Llama is configured for high availability. This service
dependency is required when more than one Llama role is present.

zookeeper_service

false

Performance

Display Name

Description

Related Name

Default Value

API Name

Required

Enable HDFS Short-Circuit Read

Enable HDFS short-circuit read. This allows a client colocated with the DataNode to read HDFS file blocks directly. This gives a
performance boost to distributed clients that are aware of locality.

dfs.client.read.shortcircuit

true

dfs_client_read_shortcircuit

false

Enable DSSD Short-Circuit Read

Enable DSSD short-circuit read. This allows HDFS client roles of this service that are co-located with DSSD DataNodes to read DSSD
volumes directly, rather than indirectly via the DSSD DataNode.

true

dssd_shortcircuit_read_enable

true

StateStoreSubscriber Timeout

Time in seconds before Impala Daemon or Catalog Server times out with the StateStore.

statestore_subscriber_timeout_seconds

30 second(s)

statestore_subscriber_timeout

false

Policy File-Based Sentry

Display Name

Description

Related Name

Default Value

API Name

Required

Proxy User Configuration

Specifies the set of authorized proxy users (users who can impersonate other users during authorization) and whom they are allowed
to impersonate. Input is a semicolon-separated list of key=value pairs of authorized proxy users to the user(s) they can impersonate. These users are specified as a comma separated list of short
usernames, or '*' to indicate all users. For example: joe=alice,bob;hue=*;admin=*. Only valid when Sentry is enabled.

authorized_proxy_user_config

hue=*

impala_authorized_proxy_user_config

false

Enable Sentry Authorization using Policy Files

Use Sentry to enable role-based, fine-grained authorization. This configuration enables Sentry using policy files. To enable Sentry
using Sentry service instead, add Sentry service as a dependency to Impala service. Sentry service provides concurrent and secure access to authorization policy metadata and is
the recommended option for enabling Sentry. Sentry is supported only on Impala 1.1 or later deployments.

If true, attempts to establish a TLS (Transport Layer Security) connection with an LDAP server that was specified with ldap://. Not
required when using an LDAP URL with prefix ldaps://, because that already specifies TLS. This option is also known as "Use StartTLS".

ldap_tls

false

enable_ldap_tls

false

LDAP URL

The URL of the LDAP server. The URL must be prefixed with ldap:// or ldaps://. The URL can optionally specify a custom port, for
example: ldaps://ldap_server.example.com:1636. Note that usernames and passwords will be transmitted in the clear unless either an ldaps:// URL is used, or "Enable LDAP TLS" is turned on (where
available). Also note that encryption must be in use between the client and this service for the same reason.For more detail on the LDAP URL format, see RFC 2255 . A space-separated list of URLs can be entered; in this case the URLs will each be tried in turn until one replies.

ldap_uri

impala_ldap_uri

false

Kerberos Principal

Kerberos principal short name used by all roles of this service.

impala

kerberos_princ_name

true

Kerberos Re-init Interval

Number of minutes between reestablishing our ticket with the Kerberos server.

kerberos_reinit_interval

1 hour(s)

kerberos_reinit_interval

false

LDAP BaseDN

This parameter is useful when authenticating against a non Active Directory server such as OpenLDAP. When set, this parameter is
used to convert the username into the LDAP Distinguished Name (DN), so that the resulting DN looks like uid=username,<this parameter>. For example, if this parameter is set to
"ou=People,dc=cloudera,dc=com", and the username passed in is "mike", the resulting authentication passed to the LDAP server will look like "uid=mike,ou=People,dc=cloudera,dc=com". This parameter is
mutually exclusive with Active Directory Domain.

ldap_baseDN

ldap_baseDN

false

LDAP Pattern

When set, this parameter allows arbitrary mapping from usernames into a Distinguished Name (DN). The string specified must have a
placeholder named "#UID" inside it, and that #UID is replaced with the username. For example, you could mimic the behavior of LDAP BaseDN by specifying "uid=#UID,ou=People,dc=cloudera,dc=com". When
the username of "mike" comes in, it replaces the #UID and the result is "uid=mike,ou=People,dc=cloudera,dc=com". This option should be used when more control over the DN is needed. This parameter is
mutually exclusive with LDAP Domain and LDAP BaseDN.

ldap_bind_pattern

ldap_bind_pattern

false

Active Directory Domain

This parameter is useful when authenticating against an Active Directory server. This value is appended to all usernames before
authenticating against AD. For example, if this parameter is set to "my.domain.com", and the user authenticating is "mike", then "mike@my.domain.com" is passed to AD. If this field is unset, the
username remains unaltered before being passed to AD.

ldap_domain

ldap_domain

false

Impala TLS/SSL CA Certificate

The location on disk of the certificate, in PEM format, used to confirm the authenticity of SSL/TLS servers that the Impala daemons
might connect to. Since the Impala daemons connect to each other, this should also include the CA certificate used to sign all the SSL/TLS Certificates. Without this parameter, SSL/TLS between Impala
daemons will not be enabled.

ssl_client_ca_certificate

ssl_client_ca_certificate

false

Impala TLS/SSL Server Private Key File (PEM Format)

The path to the TLS/SSL file containing the private key used for TLS/SSL. Used when Impala is acting as a TLS/SSL server. The
certificate file must be in PEM format.

ssl_private_key

ssl_private_key

false

Impala TLS/SSL Private Key Password

The password for the private key in the Impala TLS/SSL Server Certificate and Private Key file. If left blank, the private key is
not protected by a password.

ssl_private_key_password_cmd

ssl_private_key_password

false

Impala TLS/SSL Server Certificate File (PEM Format)

The path to the TLS/SSL file containing the server certificate key used for TLS/SSL. Used when Impala is acting as a TLS/SSL
server. The certificate file must be in PEM format.

Whether to suppress the results of the Assignment Locality heath test. The results of suppressed health tests are ignored when
computing the overall health of the associated host, role or service, so suppressed health tests will not generate alerts.

false

service_health_suppression_impala_assignment_locality

true

Suppress Health Test: Impala Catalog Server Health

Whether to suppress the results of the Impala Catalog Server Health heath test. The results of suppressed health tests are ignored
when computing the overall health of the associated host, role or service, so suppressed health tests will not generate alerts.

false

service_health_suppression_impala_catalogserver_health

true

Suppress Health Test: Impala Daemon Health

Whether to suppress the results of the Impala Daemon Health heath test. The results of suppressed health tests are ignored when
computing the overall health of the associated host, role or service, so suppressed health tests will not generate alerts.

false

service_health_suppression_impala_impalads_healthy

true

Suppress Health Test: Impala Llama ApplicationMaster Health

Whether to suppress the results of the Impala Llama ApplicationMaster Health heath test. The results of suppressed health tests are
ignored when computing the overall health of the associated host, role or service, so suppressed health tests will not generate alerts.

false

service_health_suppression_impala_llamas_healthy

true

Suppress Health Test: Impala StateStore Health

Whether to suppress the results of the Impala StateStore Health heath test. The results of suppressed health tests are ignored when
computing the overall health of the associated host, role or service, so suppressed health tests will not generate alerts.

If this documentation includes code, including but not limited to, code examples, Cloudera makes this available to you under the terms of the Apache License, Version 2.0, including any required
notices. A copy of the Apache License Version 2.0 can be found here.